Document Security - Administrator have too much access

Unfortunately, there's not such feature like this in Appian. Ideally, if you don't want someone deleting documents from suite/designer then you should make them a basic user. You can also create an action that lets you add/delete documents based on group security. Hopefully this helps

There is only one user who has an administrator in Prod. That user deploys our applications for us. The problem is that as long as there is a user who can delete or alter documents (sensitive legal issue), it is an issue for us.

Any deletions or versioning of documents are captured by the system so any change is logged. If you are concerned about losing documents I would recommend replicating them to a networked storage location and make sure the Appian production system admin is not also the system admin for the secondary storage location.

Hi Josh. Where in the system is this logged? I know that the latest version of a document can be deleted and the last modified date would roll back.

If your installation is on the cloud, there is a deletion log located at site.appiancloud.com/.../deletion.log

More info here: docs.appian.com/.../Logging.html

Tommy, Josh is referring to the 'deletion.log' file that should be available to system admins by going to /designer and clicking 'Access System Logs' on the left-hand side (Appian 17.1).

For example, how do I see the system log for a specific document only? I want to prove that from its creation and now that no one tempered, deleted a version etc

Besides the deletion.log* if there's other evidence easily available.

I do not think there is another OOTB way to determine this information other than the deletion log.

Thanks this is very helpful.
I understand that there is no way to keep an administrator from deleting documents. Is there a log that tracks which user became an administrator?